Mtk Nvram Editor Tool

0 views
Skip to first unread message

Pamala

unread,
Aug 4, 2024, 10:03:27 PM8/4/24
to clearnedosur
OnMac OS X there is a tool called nvram to get and set EFI properties. As I am now deploying GNU/Linux on Apple hardware, I'd like to have a similar tool that is able to talk to Apple's EFI implementation.

This tiny tool can be used to access some bytes of your mainboard's NVRAM in Windows (should work from Win98 up to Win7 in principle, only tested on WinXP though). The BIOS stores its settings in this NVRAM, therefore it may be used to dump and restore these settings.


I've had serious issues with an old ECS K7S5A mainboard, primarily because it kept on losing its BIOS settings once in a while, although I've tried different batteries and about 10 different BIOS versions. My first approach was to customize the BIOS so that its default settings comply with the optimal settings for the system.


Sadly, there's no way to modify the default FSB clock - every time the settings are lost, it's reduced from 147 MHz back to 100 MHz, resulting in only 2/3 speed (CPU and memory) - simply unacceptable. This is where I started to think about writing directly to the NVRAM containing the BIOS settings from within Windows (XP, in this case) after every boot. In case the current settings differ from the reference dump (defining the 147 MHz FSB) to be restored, a message box alerts my sister that by restarting the system, she'd get a nice speed boost of 47%.


I've learned that the NVRAM is accessible through low-level I/O ports (in and out instructions in assembler). Recent Windows versions obviously do not allow access to these from user-space, therefore a driver needs to do the job for us. I've already used the great WinRing0 library before, so I've employed it again for this interesting low-level stuff.


So, how do we access the NVRAM using these I/O ports? Well, as it turns out, the first 128 bytes of the NVRAM are accessed by writing the byte offset (0 to 127) to I/O port 0x70 and then reading the byte from or writing its new value to I/O port 0x71.


I was a little worried because the BIOS flash tool displays 16 KB of NVRAM, and I found no information about accessing all these other bytes. Luckily, I've learned that the first 14 bytes are reserved for the RTC (Real Time Clock) and that the BIOS settings are usually stored right after these 14 bytes. Since there are 114 useful bytes to be accessed from I/O ports 0x70/0x71, i.e., more than 900 bits, I just hoped that it would be enough to contain the tightly packed settings along with a checksum at the end.


Therefore, I experimented with different BIOS settings (modifying just the FSB option) and dumped the 114 bytes from the NVRAM to a file. By comparing these dumps, I was pretty certain that it would be alright as they differed in two regions (1-2 bytes each) from each other - i.e., the bits related to the FSB setting and the checksum at the end.


Restoring a dump, i.e., writing it to NVRAM, works on that system. But, please keep in mind that it completely depends upon your BIOS, therefore perform some tests (dumps and comparisons) first. In case something goes wrong, you may need to reset the NVRAM manually, either by setting a jumper on the board or by pushing a button (it's mostly called Clear CMOS).


Well, I don't think many people will find this utility useful :D - I haven't heard of boards losing their settings once in a while myself until I got this K7S5A. But I find it interesting to be able to access such low-level stuff from within Windows (Linux provides the nvram module and a special /dev/nvram file) - I hope some of you can use this information.


On my TM-T88V the logo printing from NVRAM is very good, even when using a color image that the Printer converts to Greyscale. On my TM-T220II the quality of the Greyscale image produced on the print is not very good at all, so I ended up changing the image to pure Black & White.


SambaPOS tries to convert your bmp to a black & white image so as slightly grayish colors may appear as white and that may look bad. You can try converting it to a black and white (not grayscale) image with your image editor tool so it may look better.


if you want to modify nvram.bin you can modify this in your rooted devicethis is folder in /data/nvramafter modify you can backup by mtk driod tools: -and-restore-imei-nvrammtk droid gives to you a nvram.bin file!


From your car to airport kiosks and power grids, nearly all technology is powered by firmware and for that reason, firmware attacks are on the rise. Firmware attacks are much more dangerous than OS-based attacks because firmware is invisible to OS-based security solutions.


As an Arm license partner, one of your main objectives is to bring your designs to the market as quickly and efficiently as possible. However, this process can be fraught with challenges, and one of the biggest hurdles you may encounter is in the development of firmware. Firmware is a critical component of your device, ensuring that it powers on, runs securely, and stays on during its lifecycle. Developing firmware that meets these requirements can be a complex and time-consuming task, but it is essential for the success of your device.


AMISCE is a command-line tool that provides an easy way to update NVRAM variables, extract variables directly from the BIOS, change settings using either a text editor or a setup program and update the BIOS. AMISCE produces a script file that lists all setup questions on the system being modified by AMISCE. The user can then modify the script file and use it as input to change the current NVRAM setup variables.Aptio Utilities Data SheetAMI Setup Data Extraction (AMISDE)AMISDE is a command-line tool for exporting setup data from an Aptio ROM image, including spreadsheet applications such as Microsoft Excel. It generates a helpful summary report of BIOS setup parameters and default values that enhances productivity in testing and manufacturing.


Copyright 2024 AMI. All Rights Reserved. Contents of this website are subject to change without notice. Products mentioned herein may be trademarks or registered trademarks of their respective companies. No warranties are made, either expressed or implied, with regard to the contents within, its merchantability or fitness for a particular use.


I was hoping you all could share some of the scripts and other tools you use for your users. There have been some older threads showing off their tools but they are a little sparse on how to make them work. One great one I saw, but have no idea how to get it to work, was an emergency backup to Google Drive.


@emily Can you possibly share the Gatekeeper script or the link where you got the Gatekeeper script? We have devs that would need that sometimes. As long as it is approved by our security first. Thanks.


Do any of you all have actual usage data on these policies? UX and adoption should be somewhat data driven though usage data. I am just curious because I am finding out my employees rarely use self service, or they don't use it at the rate I would expect. We do have a lot of automation in place though, so that is a factor for us.


We ship policy webhooks to our data platform, and self service is barely used at my Org. If people want an app they typically just go download it. They also want IT to just patch it. Looking at the data by policy ID (since jamf does not include self service == True/False in the hook) it is very low for the total number of policies ran. To give context though, we actively try to patch non running apps at every check in. So, obviously the automation is going to run a lot more than self service, but the number of self service policy execution is very low.


I am still trying to a way to cache this script or make it available when a network connection is spotty. I'm gonna eventually try to make this script an executable within all users "/Documents" folder so it is easily accessible.


@tlarkin I have a lot of problems here encouraging Self Service too. The pandemic is opening people's eyes to it more though. We share a problem in that I do a lot for the Mac users automagically instead. My positioning with them is that "Self Service allows me to install the things you want IT's way without having to have one of us come over and interrupt your classroom or take control of your screen at the worst time." I've seen an uptick in usage over the past two years, but folks are really used to me doing x or y from them. I'd love it if you come across any tricks at encouraging the Self Service mentality.


All I can do is try to make the process of using those things as simple as possible and try to demonstrate the advantages to it. It works for a few but many are very stubborn to it. Unfortunately it's usually older users who seem to be set in their ways.


One thing I'm doing to encourage Self Service use is by requiring it in the Dock. I wanted it originally as a menubar item and have a feature request in with Jamf to have as an option but it didn't get much traction among those who frequent here. I'm also pushing for the Windows admins to promote the use of SCCM's Software Center more. I figure if our help desk talks things up more about how the users can accomplish more as if it's an App Store, then that should help. It's a slow painful process though as there's not much buy in. The windows folks tend to want to use Software Center for their own use rather than the users for some reason.


@blackholemac culture is a thing too for us. I was deploying some binaries for a specific group of employees and I was just going to self service it. I was told by engineering managers that I needed to automate it, because engineers should not have to stop what they are doing and fumble around in an app to get software that IT should just provide. I 100% agreed with this manager and I have automated those type of installs ever since.


So, really my company just barely uses self service and they all prefer IT to automate things versus them having to waste their time clicking a bunch of buttons in an app. I honestly do not blame them, as IT Engineering teams get paid to do this stuff.

3a8082e126
Reply all
Reply to author
Forward
0 new messages